DETAILED ACTION

1. This is in response to the RCE filed on 6 October 2006. 

2. Claims 1, 7-12, 18-22 and 30 are pending in the application. 

3. Claims 1, 7-12, 18-22 and 30 have been rejected.

4. Claims 2-6, 13-17 and 23-29 have been cancelled. 

Continued Examination Under 37 CFR 1.114

5. A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 
CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible 
for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been 
timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 
1.114. Applicant's submission filed on 6 October 2006 has been entered. 

Response to Arguments 

6. Applicant's arguments with respect to claims 1, 7-12, 18-22 and 30 have been considered but
are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 112

The following is a quotation of the first paragraph of 35 U.S.C. 112:

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

7. Claims 1, 7-12, 18-22 and 30 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to reasonably convey to one skilled in the 
relevant art that the inventor(s), at the time the application was filed, had possession of the 
claimed invention. 

Independent claims 1, 12 and 30 recite the limitations of "encrypting the session key,
with a public key of the first user using an asymmetric encryption routine, for storage as a first
user key blob," "encrypting the session key, with a master public key using the asymmetric
encryption routine, for storage as a master key blob," "decrypting the user key blob using the
asymmetric encryption routine providing the first system with access to the session key". All three
limitations recite a "key blob". However, the examiner finds no support in the original
specification for a "key blob".

Independent claims 1, 12 and 30 recite "a session key randomly generated". However, 
after a careful review of the specification, the examiner finds no support in the original 
specification for a session key that was randomly generated. 

Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

8. Claims 1, 7, 8, 12, 18, 19 and 30 are rejected under 35 U.S.C. 102(e) as being anticipated
by Albanese et al U.S. Patent No. 6,002,768. 

As to claim 1, Albanese et al discloses a method for encrypting data, the method 
comprising: 

providing a first data processing system for a first user and a second data 
processing system for a second user [column 7, lines 7-28]; 

providing a session key randomly generated by the second system for use 
in encrypting original data [column 5, lines 14-30]; 

encrypting the data using the session key and a symmetric encryption 
routine [column 9, lines 37-43]; 

encrypting the session key, with a public key of the first user using an 
asymmetric encryption routine, for storage as a first user key blob [column 9, 
lines 37-43]; 

encrypting the session key, with a master public key using the asymmetric 
encryption routine, for storage as a master key blob [column 9, lines 37-43]; 

storing a first user private key on any media [column 4, lines 20-36];

decrypting the user key blob using the asymmetric encryption routine
providing the first system with access to the session key [column 6, lines 31-44]; 
and 

the first system decrypting the data using the symmetric encryption routine 
and securely transmitting the data to the first system [column 6, lines 31-44]. 

As to claims 7 and 18, Albanese et al discloses storing the first user's private key on a
data storage medium coupled to the destination data processing system [column 8, lines 4-14]. 

As to claims 8 and 19, Albanese et al discloses storing the master private key on a data 
storage medium coupled to the destination data processing system [column 7, lines 7-28]. 

As to claim 12, Albanese et al discloses a method for encrypting data, the method 
comprising: 

providing a first data processing system for a first user and a second data 
processing system for a second user [column 7, lines 7-28]; 

providing a session key randomly generated by the second system for use 
in encrypting original data [column 5, lines 14-30]; 

encrypting the data using the session key and a symmetric encryption 
routine [column 9, lines 37-43]; 

encrypting the session key, with a public key of the first user using an 
asymmetric encryption routine, for storage as a first user key blob [column 9, 
lines 37-43]; 

encrypting the session key, with a master public key using the asymmetric 
encryption routine, for storage as a master key blob [column 9, lines 37-43]; 

storing a first user private key on any media [column 4, lines 20-36];

decrypting the user key blob using the asymmetric encryption routine 
providing the first system with access to the session key [column 6, lines 31-44]; 

the first system decrypting the data using the symmetric encryption routine 
and securely transmitting the data to the first system [column 6, lines 31-44]; and 

a third party gaining access to the data using a master private key to 
decrypt the master key blob using the asymmetric encryption routine and gain 
access to the original data [column 9, lines 37-43]. 

As to claim 30, Albanese et al discloses a method for encrypting data, the method
comprising: 

providing a first data processing system for a first user and a second data 
processing system for a second user [column 7, lines 7-28]; 

providing a session key randomly generated by the second system for use 
in encrypting original data [column 5, lines 14-30]; 

encrypting the data using the session key and a symmetric encryption 
routine [column 9, lines 37-43]; 

encrypting the session key, with a public key of the first user using an 
asymmetric encryption routine, for storage as a first user key blob [column 9, 
lines 37-43]; 

encrypting the session key, with a master public key using the asymmetric 
encryption routine, for storage as a master key blob [column 9, lines 37-43]; 

storing a first user private key on any media [column 4, lines 20-36];

decrypting the user key blob using the asymmetric encryption routine
providing the first system with access to the session key [column 6, lines 31-44]; 

the first system decrypting the data using the symmetric encryption routine 
and securely transmitting the data to the first system [column 6, lines 31-44]; and 

a third party gaining access to the data using a master private key to
decrypt the master key blob using the asymmetric encryption routine and gain 
access to the original data [column 9, lines 37-43]. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

9. Claims 9, 10, 20 and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Albanese et al U.S. Patent No. 6,002,768 as applied to claims 1 and 12 above, and further in 
view of Dillaway et al U.S. Patent No. 5,742,756. 

As to claims 9 and 20, Albanese et al does not teach retrieving the first user's private key 
from a smart card utilizing a smart card reader coupled to the destination data processing system. 

Dillaway teaches private key stored on a smart card utilizing a smart card reader coupled 
to the destination data processing system [figure 2]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Albanese et al so that the first user's private key is 
stored on a smart card coupled to the destination node. The private key is only retrieved when
the smart card is inserted into the smart card reader. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Albanese et al by the teaching of Dillaway because it 
utilizes a smart card to perform critical cryptography operations. The smart card can be
programmed or otherwise configured to never expose the user's private keys. Rather than
providing a private key to the user's computer, the key is held within the smart card, and
required cryptographic operations are performed on the smart card itself. This makes it
impossible for hostile code to obtain the private key [column 3, lines 24-31]. 

As to claims 10 and 21, Albanese et al does not teach retrieving the master private key 
from a smart card utilizing a smart card reader coupled to the destination data processing system. 

Dillaway teaches private key stored on a smart card utilizing a smart card reader coupled 
to the destination data processing system [figure 2]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Albanese et al so that the master private key is 
stored on a smart card coupled to the destination node. The master private key is only retrieved 
when the smart card is inserted into the smart card reader. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Albanese et al by the teaching of Dillaway because it 
utilizes a smart card to perform critical cryptography operations. The smart card can be 
programmed or otherwise configured to never expose the user's private keys. Rather than 
providing a private key to the user's computer, the key is held within the smart card, and required 
cryptographic operations are performed on the smart card itself. This makes it impossible for
hostile code to obtain the private key [column 3, lines 24-31]. 

10. Claims 11 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Albanese et al U.S. Patent No. 6,002,768 as applied to claims 1 and 12 above, and further in 
view of Kruys U.S. Patent No. 5,555,309. 

As to claims 11, 22 and 29, Albanese et al does not teach utilizing a plurality of public
master keys and a plurality of private master keys to decrypt the encrypted session key.

Kruys teaches a plurality of master keys [column 2 3 lines 56-67].

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Albanese et al so that there would have been a 
plurality of public and private master keys to decrypt the encrypted session keys. There would 
have been multiple session keys so there would have been a public/private master key set to 
encrypt and decrypt the session keys. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Albanese et al by the teaching of Kruys because it utilizes 
master keys, each one of which is unique to a respective domain member, and is arranged to 
protect the respective member vector key of each domain member [column 3, lines 55-62]. 

Conclusion



11. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K. Moorthy whose telephone number is 571-272-3793. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Aravind K Moorthy 
December 13, 2006 





